Updated:04:53 PM EDT Jul 23



NEWS
rss feed 
 
top 100
archive
submit news

FREE eBooks

REVIEWS
 
SOFTWARE
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
 
FORUMS
comments
hardware
software
off-topic
 
LINKS
 
SPONSORS:



Expert writing tips from professional writers.

Free essay writing tutorials for students.

Booty Bingo

New Look Bingo

Mummies Bingo

M Jackpots

(C) 2006-2017 TechAmok
All Rights Reserved.



CONTACT
 
Massive security hole uncovered in HTC Android phones - TechAmok

Massive security hole uncovered in HTC Android phones - [mobile]
05:45 PM EDT - Oct,03 2011 - post a comment

Android Police has done some digging into a suite of logging tools, dubbed HtcLoggers, that were loaded onto a range of HTC phones in a recent update. While the exact purpose of the tools is not known, they collect a bevy of information including, but not limited to, location, user accounts, phone numbers, system logs and some SMS data. Here's the kicker - it is apparently possible for any app that uses Android's INTERNET permission to access - and therefore copy off the device - any of that information. Given that most apps that access the web or display ads request the INTERNET permission, the consequences of this find are, as Artem Russakovskii of Android Police puts it, massive. Reportedly only phones with the stock Sense firmware are affected. Using a proof of concept app, the EVO 4G, EVO 3D, Thunderbolt, EVO Shift 4G, MyTouch 4G Slide and some Sensation models have been found vulnerable to data theft via the HtcLoggers app.

Put simply, any app with the INTERNET permission running on the aforementioned phones can access at least:

ACCESS_COARSE_LOCATION Allows an application to access coarse (e.g., Cell-ID, WiFi) location
ACCESS_FINE_LOCATION Allows an application to access fine (e.g., GPS) location
ACCESS_LOCATION_EXTRA_COMMANDS Allows an application to access extra location provider commands
ACCESS_WIFI_STATE Allows applications to access information about Wi-Fi networks
BATTERY_STATS Allows an application to collect battery statistics
DUMP Allows an application to retrieve state dump information from system services.
GET_ACCOUNTS Allows access to the list of accounts in the Accounts Service
GET_PACKAGE_SIZE Allows an application to find out the space used by any package.
GET_TASKS Allows an application to get information about the currently or recently running tasks: a thumbnail representation of the tasks, what activities are running in it, etc. READ_LOGS Allows an application to read the low-level system log files.
READ_SYNC_SETTINGS Allows applications to read the sync settings
READ_SYNC_STATS Allows applications to read the sync stats


Add your comment (free registrationrequired)

Short overview of recent news articles

Jul,23 2017 Symantec makes another huge mistake
Jul,23 2017 Core i9 7900X vs 7820X vs 7800X vs 7740X!
Jul,23 2017 AMD Radeon Vega Frontier Edition vs NVIDIA GTX1080
Jul,23 2017 Stranger Things Season 2 Trailer
Jul,23 2017 Thor: Ragnarok Official Trailer
Jul,22 2017 The best pics on the Internet #233
Jul,22 2017 Marvel's The Defenders Official Trailer 2
Jul,21 2017 The Samsung Galaxy Note 8 is coming on 23rd August
Jul,21 2017 Andy Rubin's Essential Phone to Arrive In 'A Few Weeks'
Jul,21 2017 Miranda Kerr's Ultimate Pre-Wedding Detox
Jul,21 2017 Bright - Official Trailer
Jul,20 2017 Blizzard Dropping XP and Vista Support
Jul,20 2017 Jigsaw (2017 Movie) Official Trailer
Jul,20 2017 The Snowman Official Trailer #1 (2017)
Jul,20 2017 The Shape of Water - Official Trailer
Jul,19 2017 Hottest Babes on the Internet #93
Jul,19 2017 Samsung Pay Rings Up Support for PayPal
Jul,19 2017 Samsung Commits to Recycling Parts from Galaxy Note7
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.02secs